NAVIGATION
CORPORATE OFFICE
Zunesis, Inc.
4B Inverness Ct E Suite 100,
Englewood, CO 80112
(720) 221-5200
Las Vegas
6671 Las Vegas Blvd S
Building D Suite 210, Office 260
Las Vegas, NV 89119
(702) 837-5300
Microsoft Windows has been a staple in the PC industry for over 30 years. Who can forget the oldies but goodies (not including server or mobile versions):
• Windows 1.0 – 2.0 (1985-1992)
• Windows 3.0 – 3.1 (1990-1994)
• Windows 95 (1995)
• Windows 98 (1998)
• Windows ME (2000)
• Windows NT 3.1 – 4.0 (1993-1996)
• Windows 2000 (2000)
• Windows XP (2001)
• Windows CE (2006)
• Windows 7 (2009)
• Windows Phone (2010)
• Windows 8 (2012)
• Windows 10 (2015)
Of the more than 2 billion PCs which exist in the world, Microsoft dominates the operating systems running on them (according to NetMarketShare):
• Windows 10 – 43.86%
• Windows 7 – 36.47%
• Windows 8.1 – 4.18%
• Windows XP – 2.37%
• Windows 8 – 0.79%
• Windows Vista – 0.17%
Microsoft introduced Windows Update with Windows 98. It would check for patches to Windows and its components, as well as other Microsoft products such as Office, Visual Studio and SQL Server.
Windows Updates had two problems.
1. Less experienced users did not know about it as it had to be installed separately.
2. Corporate users had to update every machine in the company but also had to uninstall patches as they often broke existing functionality.
Microsoft introduced Patch Tuesday in October 2003 to reduce the cost of distributing patches. Tuesday was chosen because of the time available before the weekend to correct issues that arise with the patches. This left Monday to take care of any unanticipated issues from the preceding weekend.
At Ignite 2015, Microsoft announced a change to distributing security patches. Home PCs, tablets, and phones would get the security releases as soon as they were ready. While enterprise customers stayed on the Patch Tuesday monthly cycle – retooled as Windows Update for Business.
Windows 10 saw another change to update distribution. Microsoft released a new version of Windows 10 twice a year. A “Modern Lifecycle Policy” was created which stated Home and Pro versions of Windows 10 will be provided with security and feature updates for up to 18 months after release, enterprise for 24 months.
According to Microsoft, “a device needs to install the latest version (feature update) before current version reaches end of service to help keep your device secure and have it remain supported by Microsoft”.
Through it all, there remained a constant. The potential for an update to cause unintended results, even breaking the machine they intended to fix.
Last year alone, Windows 10 had at least two serious issues that emerged once the final builds were released. Microsoft had to delay the April 2018 Update because of unexpected “Blue Screen of Death” issues. The October 2018 Update was pulled days after users discovered the upgrade deleted files.
On April 4, 2019, Microsoft released a new policy to give users greater control of the installing updates in Windows 10.
“We will provide notification that an update is available and recommended based on our data, but it will be largely up to the user to initiate when the update occurs.”
When Windows 10 devices are at, or will soon reach, end of service, Windows update will continue to automatically initiate a feature update. This keeps machines supported and receiving monthly updates which are critical to device security and ecosystem health.
New features will empower users with control and transparency around when updates are installed. In fact, all customers will now have the ability to explicitly choose if they want to update their device when they “check for updates” or to pause updates for up to 35 days.”
Some of the features they are utilizing to provide this control are:
• Download and install now option – Gives the users the ability to enjoy feature updates as soon as Microsoft makes them available.
• Extended ability to pause updates – Allows a user to pause both feature and monthly updates for up to 35 days (seven days at a time, up to five times). Once reached, users will need to update their device before pausing again.
• Intelligent active hours – Avoid disruptive update restarts. To further enhance active hours, users will now have the option to let Windows Update intelligently adjust active hours based on their device-specific usage patterns.
• Improved update orchestration – Improve system responsiveness by intelligently coordinating Windows updates and Microsoft Store updates, so they occur when users are away from their devices to minimize disruptions.
Microsoft is expanding its focus on quality by expanding release preview. This allows for more feedback and insights on capabilities and expanding interaction with the ecosystem partners including OEMs and ISVs.
Microsoft thanks their many millions of users for providing feedback. This allowed for early detection of low-volume, high-severity issues. A new public dashboard was created for increased issue transparency. It provides clear and regular communications with their customers on status and when there are issues.
Commercial customers will see the updates ready in late May, beginning with the servicing period for version 1903 of Windows 10. If you are part of the Windows Insider Program, you probably already have the release.
For more information on what is included with the May 2019, one of the better guides can be found here.
Are Windows updates necessary? Applying updates every month is not something system administrators look forward to but they are necessary and extremely important in the times we live in.
Most updates each month include security updates. Security issues are the worst possible type as they may be exploited by malware or hackers. These types of situations are regularly identified in various parts of Windows – ActiveX, IIS, Internet Explorer and .Net Framework are just examples. Other updates address other bugs and issues in Windows. Even though they are not responsible for security vulnerabilities, they might impact the stability of your Operating System. Last, but not least, Windows Updates sometimes come with new features, while patching some known issues – and the best example for this is IIS and Internet Explorer.
The code that makes up the Windows operating system contains security loop holes, errors, incompatibilities, or outdated software elements. In short, Windows isn’t perfect, we all know that. The latest Windows security patches fix the vulnerabilities and errors in Windows and associated software, and they occasionally add new features. This essentially summarizes why you should regularly run a Windows Update.
Security issues are regularly identified in various parts of the Windows operating system, including the main platform. Even if you do not run the respective software, it is a risk not to patch it, simply because it is installed on your system. Note that these updates are required, even if you are running anti-malware or anti-virus software, as that software may not sufficiently protect you from Windows security issues.
Potential consequences of not installing security updates are damaged software, loss of data, or identity theft. Every year, malware causes damage of millions of dollars worldwide. The main reason is that users don’t install critical software or operating system updates, allowing malware to exploit loopholes that exist in every software ever developed. Vulnerabilities can potentially be exploited within hours of them becoming publicly known. So once a security update is available, you should plan to install the fix to protect your system from malware attacks.
Some ways to control and monitor the deployment of Microsoft updates in a corporate environment is with products like WSUS or System Center Configuration Manager(SCCM).
Here is a list taken from Microsoft of some common types of updates available each month.
Critical Updates are a widely released fix for a specific problem that addresses a critical non-security-related bug.
Security updates are a widely released fix for a product-specific, security-related vulnerability. Security vulnerabilities are rated by their severity. The severity rating is indicated in the Microsoft security bulletin as critical, important, moderate, or low.
Monthly Rollups are relatively new. They are a tested, cumulative set of updates. They include both security and reliability updates that are packaged together and distributed over Windows Update, WSUS, System Center Configuration Manager and Microsoft Update Catalog for easy deployment. The Monthly Rollup is product specific, addresses both new security issues and non-security issues in a single update and will proactively include updates that were released in the past. Security vulnerabilities are rated by their severity. The severity rating is indicated in the Microsoft security bulletin as critical, important, moderate, or low. This Monthly Rollup would be displayed under the title Security Monthly Quality Rollup when you download or install. This Monthly Rollup will be classified as an “Important” update on Windows Update and will automatically download and install if your Windows Update settings are configured to automatically download and install Important updates.
A service pack is a tested, cumulative set of all hotfixes, security updates, critical updates, and other updates. Additionally, service packs may contain additional fixes for problems that are found internally since the release of the product. Service packs may also contain a limited number of customer-requested design changes or features.
While non critical updates are not responsible for security-relevant vulnerabilities, they may still be very annoying as they potentially impact the performance and stability of Windows. So the main reason for installing general updates is to avoid or resolve Windows issues and hopefully have a smooth running System.
Microsoft will test the latest updates prior to release on the second Tuesday of each month. Unfortunately, there are an infinite number of hardware and software configurations that could exist on a Windows computer. Testing all possible computers systems would be almost impossible.
When a Windows update causes a problem it’s likely due to a software or driver that has issues with the update, not the update itself.
It is very important to create a group of desktops and servers for testing the latest updates. Once the updates are applied to the test, computers monitor and document any irregularities in behavior of the test systems. Although Microsoft updates rarely cause a problem it has been known to happen thus the reason for a test group of computers. If all is well after at least a week with the test group, it is relatively safe to deploy the tested updates to production.
Even after testing, there is no guarantee a problem won’t arise but it’s not worth the risk you may be taking of not applying these security patches.
It is critical to install security updates to protect your systems from malicious attacks. In the long run, it is also important to install software updates, not only to access new features, but also to be on the safe side in terms of security loop holes being discovered in outdated programs. And it is in your own best interest to install all other updates, which may potentially cause your system to become vulnerable to attack.
Questions about your unique environment? End your IT frustration today. Discuss your situation with Zunesis’s team of IT experts.
Are Windows updates necessary? Applying updates every month is not something system administrators look forward to but they are necessary and extremely important in the times we live in.
Most updates each month include security updates. Security issues are the worst possible type as they may be exploited by malware or hackers. These types of situations are regularly identified in various parts of Windows – ActiveX, IIS, Internet Explorer and .Net Framework are just examples. Other updates address other bugs and issues in Windows. Even though they are not responsible for security vulnerabilities, they might impact the stability of your Operating System. Last, but not least, Windows Updates sometimes come with new features, while patching some known issues – and the best example for this is IIS and Internet Explorer.
The code that makes up the Windows operating system contains security loop holes, errors, incompatibilities, or outdated software elements. In short, Windows isn’t perfect, we all know that. The latest Windows security patches fix the vulnerabilities and errors in Windows and associated software, and they occasionally add new features. This essentially summarizes why you should regularly run a Windows Update.
Security issues are regularly identified in various parts of the Windows operating system, including the main platform. Even if you do not run the respective software, it is a risk not to patch it, simply because it is installed on your system. Note that these updates are required, even if you are running anti-malware or anti-virus software, as that software may not sufficiently protect you from Windows security issues.
Potential consequences of not installing security updates are damaged software, loss of data, or identity theft. Every year, malware causes damage of millions of dollars worldwide. The main reason is that users don’t install critical software or operating system updates, allowing malware to exploit loopholes that exist in every software ever developed. Vulnerabilities can potentially be exploited within hours of them becoming publicly known. So once a security update is available, you should plan to install the fix to protect your system from malware attacks.
Some ways to control and monitor the deployment of Microsoft updates in a corporate environment is with products like WSUS or System Center Configuration Manager(SCCM).
Here is a list taken from Microsoft of some common types of updates available each month.
Critical Updates are a widely released fix for a specific problem that addresses a critical non-security-related bug.
Security updates are a widely released fix for a product-specific, security-related vulnerability. Security vulnerabilities are rated by their severity. The severity rating is indicated in the Microsoft security bulletin as critical, important, moderate, or low.
Monthly Rollups are relatively new. They are a tested, cumulative set of updates. They include both security and reliability updates that are packaged together and distributed over Windows Update, WSUS, System Center Configuration Manager and Microsoft Update Catalog for easy deployment. The Monthly Rollup is product specific, addresses both new security issues and non-security issues in a single update and will proactively include updates that were released in the past. Security vulnerabilities are rated by their severity. The severity rating is indicated in the Microsoft security bulletin as critical, important, moderate, or low. This Monthly Rollup would be displayed under the title Security Monthly Quality Rollup when you download or install. This Monthly Rollup will be classified as an “Important” update on Windows Update and will automatically download and install if your Windows Update settings are configured to automatically download and install Important updates.
A service pack is a tested, cumulative set of all hotfixes, security updates, critical updates, and other updates. Additionally, service packs may contain additional fixes for problems that are found internally since the release of the product. Service packs may also contain a limited number of customer-requested design changes or features.
While non critical updates are not responsible for security-relevant vulnerabilities, they may still be very annoying as they potentially impact the performance and stability of Windows. So the main reason for installing general updates is to avoid or resolve Windows issues and hopefully have a smooth running System.
Microsoft will test the latest updates prior to release on the second Tuesday of each month. Unfortunately, there are an infinite number of hardware and software configurations that could exist on a Windows computer. Testing all possible computers systems would be almost impossible.
When a Windows update causes a problem it’s likely due to a software or driver that has issues with the update, not the update itself.
It is very important to create a group of desktops and servers for testing the latest updates. Once the updates are applied to the test, computers monitor and document any irregularities in behavior of the test systems. Although Microsoft updates rarely cause a problem it has been known to happen thus the reason for a test group of computers. If all is well after at least a week with the test group, it is relatively safe to deploy the tested updates to production.
Even after testing, there is no guarantee a problem won’t arise but it’s not worth the risk you may be taking of not applying these security patches.
It is critical to install security updates to protect your systems from malicious attacks. In the long run, it is also important to install software updates, not only to access new features, but also to be on the safe side in terms of security loop holes being discovered in outdated programs. And it is in your own best interest to install all other updates, which may potentially cause your system to become vulnerable to attack.
Questions about your unique environment? End your IT frustration today. Discuss your situation with Zunesis’s team of IT experts.
NAVIGATION
CORPORATE OFFICE
Zunesis, Inc.
4B Inverness Ct E Suite 100,
Englewood, CO 80112
(720) 221-5200
Las Vegas
6671 Las Vegas Blvd S
Building D Suite 210, Office 260
Las Vegas, NV 89119
(702) 837-5300